
Is Your Internet Business Safe from Hackers?

By Susan Delly
June 9, 2012

We’ve been reminded this last week, thanks to LinkedIn and eHarmony, of how important site security is.  Hopefully the reminder will do us, the eCommerce community, some good and keep fresh in our minds how easy it is to let things slip and make ourselves a target.   Luckily, for an eCommerce merchant, security is an issue that can be taken care of easily.  When shopping for the eCommerce solution software that will help you run your online store and check-out process, simply make sure you go with a hosted cart that is PCI-compliant! If you’re looking to host your store on your own server, only use a cart that is certified PA-DSS compliant by the PCI Security Council.  They keep an up-to-date list of these applications at pcisecuritystandards.org.

Online business security is one of the most undervalued features of eCommerce solution software. Though PCI-compliance is a mandatory global requirement, surveys report that online business owners are often more concerned about store design and marketing features than they are about security. While design and marketing are very important parts of an online shop, security should be at the top of your priorities as well. Always remember that as a store owner, you are completely responsible for your store’s security. That means you are completely financially responsible for any breaches in security that might occur, including the costs associated with reissuing any credit card information that may have been compromised. Fortunately, when you partner your storefront with a shopping cart solution that is PCI-compliant, you can rest at ease because the company behind the software has already gone through a great deal of effort and done all of the security work for you.

What is PCI-Compliance?

PCI-compliance is a set of stringent standards that strictly regulates any business that deals with credit, debit, ATM, and other payment card information. The goal of PCI-compliance is to protect online merchants, businesses and shoppers by protecting the cardholder’s sensitive information and reducing credit card fraud. PCI-compliance is a mandatory global security standard that is set by the 5 major credit card brands (VISA, MC, AMEX, DISCOVER, and JCB). If your online store is not PCI-compliant, you will face fines and be held responsible for any breaches of security.

So… the bottom line is.

In order to protect your customers, your business, and yourself, only choose a shopping cart solution that meets the current PCI-Compliance regulations. Check their certification to make sure it is valid and up to date, as compliance renews annually. Also, to be especially careful and use the highest levels of protection, look into PCI-DSS compliance for your business. Your customers will feel more secure knowing that you’re protecting them. It’s the right thing to do!

About Susan D.

Susan was raised in Missouri but has lived 'out west' for more than 10 years. She currently bounces back and forth between the Phoenix and San Francisco areas and is always looking for the next adventure. Susan has a curious mind and wanderlust heart, which has made research and blogging a perfect fit for her. She especially enjoys keeping up with and writing on local and unique businesses, travel, and eCommerce issues. When she's not running Zippycart, she's probably researching a random piece of information she came across online.

No comments

  1. The LinkedIn hack is an example of a growing trend, and we’re reaching a tipping point where the cost and disruption are so onerous that sites are going to be more proactive about addressing security.

    PCI compliance is clearly a critical component, and website owners are well-advised to look at user password security options as well. The big problem with the LinkedIn hack is that not only should everybody change their LI password, but chances are they are using the same password on many other sites because of the hassle of managing passwords for so many accounts. People who know your LI password are going to try to log in to PayPal, etc.

    Tools are available to help eCommerce sites equip users with a choice to use strong, two-factor authentication, in which a password is generated and used once.

    MYDIGIPASS is a user-centric, cloud-based service for providing one-time passwords to users logging into websites. Websites are integrating MDP in the same way they enable users to log in with Facebook or other third-party identity providers. The service and a mobile client are free to users. Striking the right balance between user convenience and security is critical, and such approaches are moving in the right direction.

  2. I like to shop online. I rarely have time to go and shop at physical stores, so the convenience of e-Commerce sites always wins. I understand your fear of having your bank account hacked because that would be disastrous. I would hate to become a victim of an identity scam; that’s why I always telesign into my online accounts to be verified and protected. I am not sure why not all companies use this. In fact, I feel suspicious when an online store doesn’t ask me to telesign in; now it just feels as if they are not offering enough protection.
